secure_faults_s
SECURE VULNERABILITY NOTE: There is a vulnerability that can affect TrustZone applications that also use floating point unit (CVE-2021-35465). The TrustZone examples delivered here do not use floating point, and so they aren’t affected. However, if TrustZone and FPU are used together, the used compiler should be checked for inbuilt workaround. If workaround is not available yet, then the actions described in CVE-2021-35465 should be applied manually.
Actual compilers status for this vulnerability: MCUX IDE v11.5.0 – fix not available yet GNU Arm Embedded Toolchain 10.3-2021.07 - fix not available yet EWARM v9.20.1 – already fixed ARM MDK v5.35 – check for new Arm compiler v6.17
Overview
The Secure Faults demo application demonstrates handling of different secure faults. This application is based on application Hello World. In addition, user can invoke different secure faults by setting testCaseNumber variable (see source code). The following faults can be invoked:
TEST 0: No any secure fault TEST 1: Invalid transition from secure to normal world TEST 2: Invalid entry point from normal to secure world TEST 3: Invalid data access from normal world, example 1 TEST 4: Invalid input parameters in entry function TEST 5: Invalid data access from normal world, example 2